attachment
<div dir="ltr"><div><div><div>Hi,<br><br></div>This Chromium work in W3C looks interesting and useful - read on.<br><br></div>Cheers,<br></div>- Ira<br><div><div><div><div><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><br><div style="display:inline"></div><div style="display:inline"></div><div style="display:inline"></div><div></div><div></div><div></div><div></div></div></div></div></div></div>
<br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Jeffrey Yasskin</b> <span dir="ltr"><<a href="mailto:jyasskin@chromium.org">jyasskin@chromium.org</a>></span><br>Date: Thu, Jun 15, 2017 at 3:09 PM<br>Subject: [dispatch] A packaging format for the web<br>To: <a href="mailto:dispatch@ietf.org">dispatch@ietf.org</a><br><br><br>Hello Dispatch,<br>
<br>
TL;DR: We're bringing the work at <a href="https://github.com/WICG/webpackage" rel="noreferrer" target="_blank">https://github.com/WICG/<wbr>webpackage</a><br>
to the IETF.<br>
<br>
People would like to use content offline and in other situations where<br>
there isn’t a direct connection to the server where the content<br>
originates. However, it's difficult to distribute and verify the<br>
authenticity of applications and content without a connection to the<br>
network. The W3C has addressed running applications offline with<br>
Service Workers (<a href="https://www.w3.org/TR/service-workers-1/" rel="noreferrer" target="_blank">https://www.w3.org/TR/<wbr>service-workers-1/</a>), but not<br>
the problem of distribution.<br>
<br>
* People with expensive or intermittent internet connections are used<br>
to sharing files via P2P links and shared SD cards. They should be<br>
able to install web applications they received this way. Installing a<br>
web application requires a TLS-type guarantee that it came from and<br>
can use data owned by a particular origin.<br>
<br>
* Verification of the origin of the content isn't always necessary.<br>
For example, users currently share screenshots and MHTML documents<br>
with their peers, with no guarantee that the shared content is<br>
authentic. However, these formats have low fidelity (screenshots)<br>
and/or aren't interoperable (MHTML). We'd like an interoperable format<br>
that lets both publishers and readers package such content for use in<br>
an untrusted mode.<br>
<br>
* CDNs want to re-publish other origins' content so readers can access<br>
it more quickly or more privately. Currently, to attribute that<br>
content to the original origin, they need the full ability to publish<br>
arbitrary content under that origin's name. There should be a way to<br>
let them attribute only the exact content that the original origin<br>
published.<br>
<br>
We think a packaging format can help satisfy these use cases. This<br>
format likely also has other uses, and we should try to support such<br>
use cases as long as they don't compromise the offline use cases. For<br>
example, packages may help optimize transferring online content or let<br>
third-parties assert properties of the package via cross-signatures.<br>
<br>
The Chromium project has started work on this sort of packaging format<br>
within the W3C's WICG, at <a href="https://github.com/WICG/webpackage" rel="noreferrer" target="_blank">https://github.com/WICG/<wbr>webpackage</a>. We have<br>
a list of use cases, some goals and explicit non-goals, and a draft<br>
for the format itself. We believe the IETF is the ideal place to<br>
standardize the format, and in parallel we'll specify within the W3C<br>
how browsers should load it. I'll be writing an initial internet-draft<br>
in the next couple weeks, in time to bring it to IETF 99.<br>
<br>
We'd appreciate being directed to the appropriate place within the<br>
IETF to do this work.<br>
<br>
Thanks,<br>
Jeffrey Yasskin<br>
<br>
P.S. I'll be on vacation from June 16-23; I'll reply intermittently<br>
during that time but mostly once I get back.<br>
<br>
______________________________<wbr>_________________<br>
dispatch mailing list<br>
<a href="mailto:dispatch@ietf.org">dispatch@ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/dispatch" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/<wbr>listinfo/dispatch</a><br>
</div><br></div></div></div></div></div>